The recent cyber incidents that took place in the Baltic countries and Ukraine during the NATO military exercise Steadfast Jazz (held in Poland and the Baltic States on November 2-9) provide a good opportunity to examine relationships between hacktivists, government-controlled media , as well as the possibility of links between “patriotic hacktivists” with elements within governments. The recent cyber incidents are remarkable also for their sequencing: when some Estonian and Latvian government websites came under distributed denial of service (DDoS) attacks, there was also an attempt to connect the Tallinn-based NATO’s Cooperative Cyber Defence Centre of Excellence (CCD COE) with faked emails and defacement of webpages in Ukraine. What is more, both types of cyber incidents were used by Russian government- controlled and owned media outlets to misinform Russian speaking community in Russia and at its “near-abroad” about NATO. First, on November 1, the websites of the Ministry of Defence and Estonian Defence Forces were hit with DDoS, for which responsibility was claimed by Anonymous Ukraine. Some days later, on November 4, at least three Ukrainian government webpages (the medical department of the Security Service of Ukraine; the Prosecutor General’s Office; and the State Fund for Fundamental Research, a sub-agency of Ministry of Education and Science), as well as the site of the non-governmental organization Agency for Legislative Initiatives were subject to another attack: this time, defacement. A message that apparently came the CCD COE was posted to these pages, claiming that the defacement was part of Steadfast Jazz. A day later, on November 5, the Latvian Ministry of Defence announced that its site and that of the Latvian Defence Forces had also experienced cyberattacks resulting in similar defacement with the same message. On November 7, the site of Estonian railway company Elron was defaced with messages claiming that passenger train traffic had been halted as a result of Steadfast Jazz. The defaced site was down for very short time and it did not have any impact on train circulation. Earlier on the same day the website of the CCD COE came under DDoS attack for which responsibility was owned up by Anonymous Ukraine. . . .
On the same evening, November 4, the Russian news portal Regnum.ru – which according to the Estonian Internal Security Service is controlled by Russian security services – published a news article claiming that CCD COE had “accidentally” attacked Ukrainian and Latvian websites. It was argued that while the military part of Steadfast Jazz took place in physical theatre of operations on the territory of Poland, CCD COE was conducting cyber operations. As part of this training, the Russian site explained, the Centre was supposed to test cyber capabilities in an artificial training laboratory on localized copies of real websites, but had accidentally attacked the real websites of NATO members and partners (sic!). The article did not cite the source of the information. Two days later, Voice of Russia, the international broadcasting service of the Russian government, published an even more elaborate article with the same charges against CCD COE – allegedly it had conducted cyber operations as part of Steadfast Jazz, but by mistake ended up attacking NATO’s allies and partners instead. The conclusion was that NATO is incapable defending its own members and partners, and on top of that, the Alliance would use its own members and partners as “test sites”. By contrast, the English service of the Voice of Russia and the English version of Regnum.ru did not mention the incidents at all. . . .
While technically rather primitive, these incidents merit attention because of their targets, messages and the way they were represented by some Russian media outlets. . . .
Both state and non-state actors alike will take advantage of widely available and inexpensive hacking tools usable by anyone with basic IT-skills to disseminate their message and attain leverage in key targeted groups. In some countries, media will be used for shaping public opinion – at home and in its “near abroad” – in a manner favorable to governments’ interests.